Discussing the Power of Activism to Preserve Privacy in the Surveillance State with Brian Hofer (Secure Justice)
This blog post is part of our ‘Data, Privacy, and the Future of Trust in Public Institutions’ series, which is penned by Garrett Morrow, who was MetroLab’s Experiential Research Fellow during Fall 2020. To learn more about this series and to access other posts in this series, check out our first post here.
I interviewed Brian Hofer, the Chair and Executive Director of Secure Justice and Chair of the City of Oakland Privacy Advisory Commission on December 9, 2020. We talked about Brian’s work regarding surveillance technology governance in the City of Oakland, the Bay Area, and beyond. Brian was a paralegal who went into law school during the recession and fell into activism on his way out of law school. He has been involved in political discussions of surveillance, starting with a collective push against the Domain Awareness Center created by the City of Oakland.
In 2013, Oakland proposed the $12 million Domain Awareness Center, a technology hub that was intended to collect footage from public and private surveillance cameras throughout the city. The city thought the center was uncontroversial and introduced the policy during the consent portion of an agenda. Around the same time, Occupy Oakland was winding down and there was still a lot of strong activism energy in the city and in January 2014, a local newspaper covered the Domain Awareness Center. Even though Brian had lived in and been involved in Oakland for more than a decade at that point, his social circle did not even know the surveillance project existed due to no community outreach on behalf of the city. At the same time as Oakland was proposing the Center and local Oakland news was covering the project, the Edward Snowden revelations were becoming public, putting a lot of attention on all kinds of surveillance policies. These events acted as a focusing event for Brian and got him involved in the surveillance policy space. In March 2014, the project was voted on, and while it survived, it was heavily curtailed. Due to the activist pressure, the all-encompassing surveillance hub created an ad hoc privacy commission in its place to which Brian was appointed.
An issue with the Domain Awareness Center and other “smart city” applications that draw upon data like surveillance footage, is that cities do not perform true cost-benefit analyses. Indeed, many proponents of these policies would not necessarily even know where to start. For example, fake cell phone tower technologies known as “stingrays” and automated license plate readers are often implemented without proper cost-benefit analyses. Brian equated the early implementation of these technologies like Oakland’s Domain Awareness Center to the wild west where there just were not any rules on things like privacy, transparency, and accountability.
One benefit from commissions like the City of Oakland’s Privacy Advisory Commission is that it establishes a consistent working relationship between privacy activists like Brian, city officials like elected representatives, and institutions like the police department. The working relationship means that activists are not constantly playing whack-a-mole whenever a policy like the Domain Awareness Center is introduced. That relationship also provides an institutional body that is rooted in the community that can act as an interface between national bodies like the ACLU and their privacy models. The privacy commission also has a broad definition of technologies that fall under its purview, so they do not have to modify their definition every time a new piece of technology is developed. Afterall, many of the same questions get asked. What data is collected? What is the data retention policy? Is there a third-party data sharing partner? Are there private vendors? And many other privacy related questions.
In addition to his work in Oakland, Brian’s nonprofit Secure Justice has been working with various privacy and activist coalitions throughout the United States. Other cities are trying to work off the Oakland privacy commission model and Brian has been consulting with them. Many of the cities we talked about that are trying to develop privacy commissions are coastal cities in California and Massachusetts, but there are also some midwestern cities that are developing plans. New Orleans is also a city of note for similar privacy issues because it has a real-time crime center akin to the proposed Domain Awareness Center in Oakland.
Brian and I also spoke about his experience interacting with various private technology vendors. Due to budgeting shortfalls caused by COVID-19 and its economic fallout, Brian expects to see a lot more activity and proposals from vendors who believe they can help cities by affordably addressing problems. In exchange for upfronting technology implementation costs, vendors will seek municipal data which the vendors can then monetize in various ways. In Oakland, Brian and his group have tried to push back and believes that there is potential for cities to establish win-win relationships with private vendors while saving privacy measures. For example, vendors may be allowed aggregate municipal data that allows them to view big trends, but the cities would retain actual possession of the data and be able to make sure that any personally identifiable information is not revealed or disseminated.
Cities are beginning to push back on the full-scale private possession of municipal data. For instance, Brian and I spoke about ongoing lawsuits involving the Los Angeles Department of Transportation (LADOT) and organizations like the ACLU and Uber. There is a tension between who should be the owner of data generate by a city’s residents: the municipal government or the private corporation? As the LADOT lawsuit reveals, the political decisions of who owns data has yet to be decided.
Universities also play a role in the governance of municipal data and privacy. Indeed, local institutions like the University of California may serve as a mediator in the bay area between the private and the public. Universities are in cities’ backyards, locally rooted, and can provide technical expertise that may address a city’s resource or capacity deficit. One issue that Brian brought up however, is a disconnect between universities and cities. For example, students and faculty attend various conferences about urban issues, but they are not necessarily talking with city officials or activists like Brian who are trying to enact local change. When Brian has had a professor or student team come into talk to commissions, everyone is impressed. Furthermore, university connections foster a more collegial environment than when an organization like the ACLU comes into talk because everyone gets tense and worries that they will be sued. In other words, people let their guard down a bit and want to collaborate with the representatives from the university.
A problem with the interface between cities and universities is a lack of capacity and resources on the city side. Commissions like the Oakland Privacy Advisory Commission is still one-hundred percent volunteer, so it takes a lot of work to interact with universities and people in positions like Brian’s may not have the capacity to do so. Another area where cities lack capacity for functions like promoting privacy is in community outreach. Like interfacing with universities, it is challenging to communicate with various communities that have different circumstances, concerns, and needs. A city that Brian pointed to that is doing a good job of community outreach for smart city-like policies is Portland, Oregon. Community outreach is not only important for getting input from residents, but the process of doing so connects the populace of a city to its governing institutions.
Community outreach for issues like surveillance and data privacy reminds people that the government exists because of and for them. Surveillance, automation, and smart city policies are designed ostensibly to improve municipal life, but it is easy to lose sight of just why cities are implementing these policies to begin with if they violate the privacy and civil rights of their residents. A super majority of Californians are opposed to biometric technologies like facial recognition, yet it requires dedicated activists like Brian to form volunteer commissions and pushback against potentially privacy violating policies. Furthermore, the work of holding city governments accountable to the needs of its residents is repeated from locality to locality. More research needs to be done into the evolving politics of these data driven policies and how these polices affect the relationship between a city’s government and its residents.
Garrett Morrow is a Ph.D. candidate in Political Science at Northeastern University. His dissertation looks at the politics and public trust of smart city policies, data, and algorithms. During Fall 2020, Garrett was also an Experiential Research Fellow with us here at MetroLab. His work was funded through the College of Social Sciences and Humanities at Northeastern. Garrett can be reached at morrow.g@northeastern.edu.